Introducing two new dashboards: Campaigns and Threat Insights

Our October release introduces two new dashboards, which we believe will greatly simplify your work with ActiveGuard. The Campaigns Dashboard provides a better overview of active campaigns (especially if you want to keep track of many at the same time). The all-new Threats Insights Dashboard puts the most important metrics front and center to give you a better view of what’s going on in terms of threats.

By Luca
2 min read

Campaigns Dashboard

A campaign is a set of emails sharing a common attribute, for example the same sender or the same attachment, and is defined by a query created by the user. Originating from a customer request, the new campaign overview feature allows the quick identification of those campaigns that are matching reports of suspicious content. This facilitates an analysis of the most critical threats and a prompt response to them. A further benefit is the possibility for the SOC analyst to monitor, track, and compare all the campaigns in one consolidated view.

You can access the new campaign view from the same location as before. For each campaign, you can see the total number of matches in the campaign view and you can also sort the campaigns conveniently by name, date of creation or for example by the number of matches. By clicking on each campaign, the messages and reports matched by the individual campaigns can be checked. It is also possible to edit the campaign action for each individual campaign, so that you can customize your response according to you preferences.

Figure 1: xorlab ActiveGuard Campaigns Dashboard

Threat Insights Dashboard

The second major change following the October Update, is that the ActiveGuard home screen will change into the new Threat Insights Dashboard. On this new dashboard, all the vital stats are displayed at once. This update will help the SOC-analyst to get a quick overview of the performance of ActiveGuard and to recognize any ongoing attacks against the organization.

The Threat Analysis Dashboard also shows which open tasks the SOC-analyst has to perform, the volume of email traffic that ActiveGuard analyzed and the reported incidents requiring urgent attention.

Figure 2: xorlab ActiveGuard Threat Insights Dashboard